Does the plugin allow to restrict downloads from a fixed IP address only?

This is not regulated by the plugin but rather in your S3 account. You can set a bucket policy for this purpose using CloudBerry Explorer or any other AWs client application or write your own, like this:

{
    "Version": "2008-10-17",
    "Id": "S3PolicyId1",
    "Statement": [
        {
            "Sid": "IPAllow",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*" 
            },
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::mybucket/*",
            "Condition" : {
                "IpAddress" : {
                    "aws:SourceIp": "192.168.143.0/24" 
                }
            } 
        } 
    ]
}

More info can be found here:
http://docs.aws.amazon.com/AmazonS3/latest/dev/AccessPolicyLanguage_UseCases_s3_a.html
If the plugin requesting a file is not accessed via that IP address, an access denied error will show up. You can also set a range of IP addresses.

Updated: August 3, 2013